entp-multipass 1.0.0

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 rick olson
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README

@@ -0,0 +1,12 @@
+MultiPass
+=========
+
+Bare bones implementation of encoding and decoding MultiPass values for SSO.
+
+MultiPasses are json hashes encrypted with strong AES encryption.  They are typically
+passed as cookie values, URL params, or HTTP header values, depending on how
+the individual service chooses to implement it.  
+
+The idea is that if a site wants to automatically create a local user based
+on the login credentials of another site, it will look for a MultiPass.  This 
+MultiPass can contain the user's email address, name, etc.  

data/VERSION.yml

@@ -0,0 +1,4 @@
+--- 
+:major: 1
+:minor: 0
+:patch: 0

data/lib/multipass.rb

@@ -0,0 +1,94 @@
+require 'ezcrypto'
+require 'time'
+
+class MultiPass
+  class Invalid      < StandardError; end
+  class ExpiredError < Invalid;       end
+  class JSONError    < Invalid;       end
+  class DecryptError < Invalid;       end
+
+  def self.encode(site_key, api_key, options = {})
+    new(site_key, api_key).encode(options)
+  end
+
+  def self.decode(site_key, api_key, data)
+    new(site_key, api_key).decode(data)
+  end
+
+  def initialize(site_key, api_key)
+    @site_key   = site_key
+    @api_key    = api_key
+    @crypto_key = EzCrypto::Key.with_password(@site_key, @api_key)
+  end
+
+  # Encrypts the given hash into a multipass string.
+  def encode(options = {})
+    options[:expires] = case options[:expires]
+      when Fixnum               then Time.at(options[:expires]).to_s
+      when Time, DateTime, Date then options[:expires].to_s
+      else options[:expires].to_s
+    end
+    escape_value @crypto_key.encrypt64(options.to_json)
+  end
+
+  # Decrypts the given multipass string and parses it as JSON.  Then, it checks
+  # for a valid expiration date.
+  def decode(data)
+    json = @crypto_key.decrypt64(unescape_value(data))
+    
+    if json.nil?
+      raise MultiPass::DecryptError
+    end
+
+    options = decode_json(json)
+    
+    if !options.is_a?(Hash)
+      raise MultiPass::JSONError
+    end
+
+    options.keys.each do |key|
+      options[key.to_sym] = options.delete(key)
+    end
+
+    if options[:expires].nil? || Time.now.utc > Time.parse(options[:expires])
+      raise MultiPass::ExpiredError
+    end
+
+    options
+  end
+
+private
+  if Object.const_defined?(:ActiveSupport)
+    def decode_json(s)
+      ActiveSupport::JSON.decode(s)
+    rescue ActiveSupport::JSON::ParseError
+      raise MultiPass::JSONError
+    end
+  else
+    require 'json'
+    def decode_json(s)
+      JSON.parse(s)
+    rescue JSON::ParserError
+      raise MultiPass::JSONError
+    end
+  end
+
+  if Object.const_defined?(:Rack)
+    def escape_value(s)
+      Rack::Utils.escape(s)
+    end
+
+    def unescape_value(s)
+      Rack::Utils.unescape(s)
+    end
+  else
+    require 'cgi'
+    def escape_value(s)
+      CGI.escape(s)
+    end
+
+    def unescape_value(s)
+      CGI.unescape(s)
+    end
+  end
+end

data/test/multipass_test.rb

@@ -0,0 +1,56 @@
+$LOAD_PATH << File.join(File.dirname(__FILE__), '..', 'lib')
+require 'rubygems'
+require 'test/unit'
+require 'multipass'
+
+class MultiPassTest < Test::Unit::TestCase
+  def setup
+    @date   = Time.now + 1234
+    @input  = {:expires => @date, :email => 'ricky@bobby.com'}
+    @output = @input.merge(:expires => @input[:expires].to_s)
+    @key    = EzCrypto::Key.with_password('example', 'abc')
+    @mp     = MultiPass.new('example', 'abc')
+  end
+
+  def test_encodes_multipass
+    expected = @key.encrypt64(@output.to_json)
+    assert_equal CGI.escape(expected), @mp.encode(@input)
+  end
+
+  def test_encodes_multipass_with_class_method
+    expected = @key.encrypt64(@output.to_json)
+    assert_equal CGI.escape(expected), MultiPass.encode('example', 'abc', @input)
+  end
+
+  def test_decodes_multipass
+    encoded = @mp.encode(@input)
+    assert_equal @input, @mp.decode(encoded)
+  end
+
+  def test_decodes_multipass_with_class_method
+    encoded = @mp.encode(@input)
+    assert_equal @input, MultiPass.decode('example', 'abc', encoded)
+  end
+
+  def test_invalidates_bad_string
+    assert_raises MultiPass::DecryptError do
+      @mp.decode("abc")
+    end
+  end
+
+  def test_invalidates_bad_json
+    assert_raises MultiPass::JSONError do
+      @mp.decode(CGI.escape(@key.encrypt64("abc")))
+    end
+    assert_raises MultiPass::JSONError do
+      @mp.decode(CGI.escape(@key.encrypt64("{a")))
+    end
+  end
+
+  def test_invalidates_old_expiration
+    encrypted = CGI.escape @key.encrypt64(@input.merge(:expires => (Time.now - 1)).to_json)
+    assert_raises MultiPass::ExpiredError do
+      @mp.decode(encrypted)
+    end
+  end
+end

metadata

@@ -0,0 +1,59 @@
+--- !ruby/object:Gem::Specification 
+name: entp-multipass
+version: !ruby/object:Gem::Version 
+  version: 1.0.0
+platform: ruby
+authors: 
+- rick
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-05-19 00:00:00 -07:00
+default_executable: 
+dependencies: []
+
+description: 
+email: technoweenie@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README
+- LICENSE
+files: 
+- VERSION.yml
+- lib/multipass.rb
+- test/multipass_test.rb
+- README
+- LICENSE
+has_rdoc: false
+homepage: http://github.com/entp/multipass
+post_install_message: 
+rdoc_options: 
+- --inline-source
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 3
+summary: TODO
+test_files: []
+